3 matches found
CVE-2023-41253
When on BIG-IP DNS or BIG-IP LTM enabled with DNS Services License, and a TSIG key is created, it is logged in plaintext in the audit log. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2023-41253
CVE-2023-41253 affects BIG-IP DNS and BIG-IP LTM when DNS Services license is enabled. A TSIG key created on these systems is logged in plaintext in the audit log due to a disclosure in the control plane. The vulnerability can allow an authenticated user with auditor privileges to view the TSIG k...
K98334513: BIG-IP DNS TSIG key vulnerability CVE-2023-41253
Security Advisory Description When a BIG-IP DNS or BIG-IP LTM system is enabled with the DNS Services license, and a TSIG key is created, the key is logged in plaintext in the audit log. CVE-2023-41253 Impact An authenticated attacker with at least auditor role privileges can view the TSIG key in...